Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[0.25] backport #365 and #366 #492

Merged
merged 6 commits into from
Feb 10, 2019
Merged

[0.25] backport #365 and #366 #492

merged 6 commits into from
Feb 10, 2019

Conversation

dirkmueller
Copy link

No description provided.

piponazo
piponazo previously approved these changes Jan 27, 2019
@piponazo
Copy link
Collaborator

I will try to update the travis scripts in 0.25 so that we can merge this PR.

@imsodin imsodin mentioned this pull request Feb 8, 2019
@D4N
Copy link
Member

D4N commented Feb 8, 2019

Hi Dirk, sorry for taking so long to address this. Could you please try to rebase your pull request on top of 0.25 again? I hope that #691 fixes the CI.

D4N and others added 6 commits February 9, 2019 10:59
- overflow builtins were added with gcc 5.0

(cherry picked from commit 729a696)
…with Visual Studio (size_t code ripple)

(cherry picked from commit 44da472)
Several checks for extracted values performed no overflow checks on the
addition. They can be tricked into passing, albeit the individual summands are
too large.
=> use Safe::add() which now aborts when an overflow occurs
This fixes Exiv2#366

(cherry picked from commit fe70939)
offset_ can become arbitrarily large and overflows once its added to size_,
this causes all kinds of problems further in the code when offset_ is used
again.
=> Use Safe::add() to catch potential overflows
This fixes Exiv2#365.

(cherry picked from commit 937a1a2)
@mergify mergify bot dismissed piponazo’s stale review February 9, 2019 10:00

Pull request has been modified.

@piponazo piponazo merged commit 59641ca into Exiv2:0.25 Feb 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants